I. Introduction
This Privacy Policy explains how the ABA collects, uses, shares and safeguards Personal Data and Non-Personal Data on www.americanbar.org, www.abajournal.com, mobile websites, microsites, mobile applications, ABA profiles on ABA social media sites and any other digital services and platforms officially operated or used by the ABA from time to time (“Sites”), as well as by phone or by paper. In certain Sites operated overseas, the privacy policy displayed on those Sites, and not this Privacy Policy, may govern the collection, use and sharing of information.
II. Changes to the Privacy Policy
As the ABA, its membership, products and services change from time to time, this Privacy Policy is expected to change as well. We reserve the right to amend the Privacy Policy at any time, for any reason. The date of the last revision to the Privacy Policy will be indicated by the "Effective Date" at the bottom of this page.
III. Types of Data We Collect
Personal Data
We collect information (whether online, by phone, or by paper) that enables the ABA to identify or contact you (“Personal Data”) to carry out its business purposes. ABA Sites collect this information for a variety of business reasons, including but not limited to, applying for membership, registering for an ABA event or program, purchasing ABA products or services, or otherwise interacting with the ABA.
The types of Personal Data we collect include, but are not limited to:
- General data (e.g., names, dates of birth, home and business addresses, email addresses, Internet protocol addresses and mobile/landline business/personal telephone numbers that are provided by our members/customers)
- Professional data (e.g., bar pass date and state(s))
- Government-issued identification numbers (e.g., social security numbers, national identification numbers and tax identification numbers), for example from employees and independent contractors, but not from members unless the ABA makes payments to members, such as honoraria or royalties for publishing rights
- Other identification information (e.g., photographs)
- Financial information (e.g., credit and debit card numbers, credit reports, passwords and PIN numbers) for product sales or employment purposes
- Sensitive Personal Data (e.g., racial or ethnic origin, sexual orientation and disability data) for diversity or accessibility purposes
The ABA also receives Personal Data from third parties for the ABA’s use in marketing to potential new members, such as lists of new state bar admittees from various state bar entities.
Non-Personal Data
We collect information (whether online, by phone, or by paper) that does not directly identify you as you interact with our Sites (“Non-Personal Data”). The types of Non-Personal Data we collect includes, but is not limited to:
- Site usage (e.g., browsing history, search terms, number of clicks, referring/exit pages, date/time stamp, time on Site)
- Products and services viewed, including advertisements for such products and services
- Computer type, operating system and platform type
- Internet service provider
- Your industry and business (e.g., company size and location, job functions and seniority levels)
IV. How We Use Your Data
In addition to the uses described above, we use your Personal Data, sometimes combined with Non-Personal Data, in a variety of ways including, but not limited to the below, in order to:
Personal Data
- Identify you when you visit our Sites
- Provide service communications such as bill reminders, order confirmations, program registrations and customer service messages
- Provide products, information and services you request or that we think you may be interested in
- Respond to your emails or online requests for products, services, or information
- Deliver and process surveys
- Personalize and improve the usability of the Sites
- Fulfill and/or deliver ABA products and services
- Tailor content, advertising and marketing to you
- Publish membership directories, membership lists and registration lists on the Sites and in print and digital media to allow lawyers and the public to find you; such directories and lists will not include credit card information or personal identification numbers such as social security numbers, as set forth in the “Contact Information” section below
Non-Personal Data
We use Non-Personal Data to improve the usability of our Sites and for other business reasons. We or other third-party companies also use the Non-Personal Data to provide advertisements and targeted advertisements to you (ads based on the Non-Personal Data). We do not provide Personal Data to third parties with whom we share your Non-Personal Data. Please note that, when you select an advertising link or other link that takes you to sites not operated by the ABA, you may be subject to the privacy policies of these third-party sites.
V. How We Share Your Data
We share your Personal Data, sometimes combined with Non-Personal Data, in a variety of ways including, but not limited to the below:
- Share data with third parties to fulfill service requests and to perform business functions (e.g., the ABA contracts with third parties to provide services on our behalf such as data hosting services; packaging, mailing and delivering services; customer support and consulting services; and event registration services).
- Share data with third parties as required by law or to protect the ABA in the good-faith belief that such action is necessary to: (a) conform to legal requirements or comply with legal process served on the ABA; (b) protect and defend the ABA’s rights or property; or (c) protect the personal safety of ABA personnel or members of the public in appropriate circumstances.
- Share data with third parties if the ABA and/or its assets (or a portion of its assets) are sold, assigned, transferred, or merged, or if the ABA undergoes some other change including a change to its corporate form as part of a bankruptcy proceeding or otherwise; information may be transferred as part of that transaction or change.
- Share data with third parties to offer you products and services that may be of interest to you professionally or personally (e.g., membership renewal notices, products and services, business software solutions, or member product discounts). Users can request their information to be removed from such lists by contacting us, as set forth in the “Contact Information” section below.
- Share data with social media sites such as Facebook, LinkedIn, Twitter and others who may contact you with “targeted ads” relating to legal and other services.
- Share data with third parties under other unanticipated situations, but only with your consent.
- Share your email address, but only as permitted by the ABA Email Policy, as follows:
ABA does not sell or rent your email addresses to any party outside of the ABA. Except in certain circumstances for the purpose of conducting ABA business, your email addresses are not shared, without prior consent, with corporate sponsors, advertisers, member benefits providers, insurance providers (with the exception of USI Affinity for use in promoting ABA Insurance) or any third-party selling products and services on the Association’s behalf.
VI. How You Can Manage the Processing of Your Data
You can manage your profile and email preferences, including “opting out” of email by contacting us using the information in the “Contact Information” section below. If you prefer to receive hard copy mailings only from the ABA, you can contact us and request to have your name and address removed from the list we provide to third parties. For California residents, please consult the “California Privacy Rights” section for additional considerations.
Our processing of your data is based upon your consent, contract performance (e.g., your purchase of products or membership sign-up/renewal), legitimate business interest (e.g., direct marketing of goods and services), or compliance with law. You have the right to object to our processing of your data or to restrict our processing of your data. In addition, if you have consented to the processing of your Personal Data, you have the right to withdraw your consent at any time.
VII. California Privacy Rights
In addition to the rights as explained in this Privacy Policy, under California’s "Shine the Light" law, California residents who provide personal information (as defined in the statute) to obtain products or services for personal, family, or household use are entitled to request and obtain from us, once a calendar year, information about the personal information we shared, if any, with other businesses for marketing uses. If applicable, this information would include the categories of personal information and the names and addresses of those businesses with which we shared such personal information for the immediately prior calendar year (e.g., requests made in the current year will receive information about the prior year). To obtain this information please write to us at: American Bar Association, 321 N. Clark St. Chicago, IL 60654-7598. Attn: ABA List Sales -- California Privacy Law. Please include your full name and address and ABA Member Number, if applicable.
VIII. Canada Anti-Spam Law
The ABA complies with the Canada Anti-Spam Law. Non-ABA members or associates who provide us a Canadian mailing address will not receive unauthorized Commercial Electronic Messages (as defined under the Canada Anti-Spam Law) unless these individuals have “opted-in” to receive Commercial Electronic Messages.
IX. Children
We do not knowingly collect Personal Data from or market to children under the age of 13.
X. How We Protect Personal Data
The ABA implements commercially reasonable security measures to help protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of data. Except for membership directories, membership lists and registration lists, and the sharing of information as set forth in this Privacy Policy, we restrict access to Personal Data to certain companies who need the data to operate, develop, or improve our services. These individuals or partner organizations are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
Unfortunately, no data transmission over the Internet or electronic storage is fully secure. Accordingly, and despite our reasonable efforts to protect your Personal Data from unauthorized access, use, or disclosure, the ABA cannot guarantee or warrant the security of the Personal Data you transmit to us, or to or from our online Sites. If you have questions about this Privacy Policy, please contact us.
XI. User ID and Password
Certain areas of the Sites require the use of a user ID, email address, or password as an additional security measure that helps protect your Personal Data. To help you protect your privacy, these Sites have tools to help you log in and log out.
XII. Linking to Other Internet Sites
You should be aware that other Internet sites that are linked from the Sites or from an ABA email message may contain privacy provisions that differ from the provisions of this Privacy Policy. To ensure your privacy is protected, we recommend that you review the privacy statements of these other linked sites, applications, or other digital platforms.
XIII. How You Can Access, Change and Delete Your Personal Data
We rely on you to update and correct your Personal Data. If you are a user of our Sites, subscriber to ABA publications, purchaser of ABA products and services, or an ABA member, you can review, update and correct your information directly on the ABA’s website or by contacting us using the information in the “Contact Information” section below. Typically, we retain your Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. This may include retaining your Personal Data indefinitely, even after you are no longer an ABA member, in order to provide you with future marketing opportunities and other purposes, as well as to comply with our legal obligations, resolve disputes, or enforce any of our agreements. Please note that you can request, at any time, that we delete your Personal Data. All requests must be directed to the contact in the “Contact Information” section below. We can decide to delete your Personal Data if we believe that the data is incomplete, inaccurate, or that our continued use and storage are contrary to our obligations to other members, individuals, or third parties. When we delete your Personal Data, it will be removed from our active databases or anonymized so that the data is no longer identified with you, but the data may remain in our archives if the ABA determines that it is not practical or possible to delete it.
XIV. Cookies and Other Web Devices
Our website sends cookies (e.g., pieces of code or text placed on your computer by us or third-parties when you browse our Sites) to your web browser (if your browser’s preferences allow it) to collect data when you browse our Sites. Cookie settings can be controlled in your Internet browser to automatically reject some forms of cookies. If you view our website without changing your cookie settings, you are indicating your consent to receive all cookies from our Sites. If you do not allow cookies, some features and functionality of our Sites may not operate as expected. In addition to cookies, we place technological tools (and allow certain third parties to place technological tools) such as tags and beacons (e.g., code scripts that are primarily used to track visitors’ activities on our Sites by web analytics software), Internet Protocol (IP) addresses, and other tools, to collect your data for the purposes listed in this Privacy Policy.
XV. Transmission of Data to Other Countries
Your Personal Data is processed in the United States, where privacy laws may be less stringent than the laws in your country and where the government, courts, or law enforcement may be able to access your data. By submitting your Personal Data to us, you agree to the transfer, storage and processing of your Personal Data in the United States.
XVI. Right to Complain to Supervisory Authority
You, as the data subject, have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you believe that the processing of your personal data does not comply with legal requirements.
XVII. Breach Notification
In the event we determine the occurrence of a data security incident, we will notify you by email, US mail, telephone, or other means as permitted by law
XVIII. Contact Information
If you have questions, comments, or complaints concerning our privacy practices or if you wish to change, access, or remove your Personal Data, please contact us as indicated below. We will attempt, where practical, to respond to your requests and to provide you with additional privacy related information.
American Bar Association
321 N. Clark Street
Chicago, IL 60654
americanbar.org:
(800) 285-2221 or (312) 988-5000 or [email protected]
Effective Date: June 29, 2023